Karolin Seeger [Mon, 14 Aug 2017 10:47:57 +0000 (12:47 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.7.0rc4 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 14 Aug 2017 10:47:16 +0000 (12:47 +0200)]
WHATSNEW: Add release notes for Samba 4.7.0rc4.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Anoop C S [Mon, 31 Jul 2017 10:09:19 +0000 (15:39 +0530)]
source3/client: Fix typo in help message displayed by default
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12936
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
90487259e365d5b966ccc47ac51eadb4733f3197)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Mon Aug 14 14:35:34 CEST 2017 on sn-devel-144
Ralph Boehme [Wed, 24 May 2017 07:17:19 +0000 (09:17 +0200)]
vfs_fruit: factor out common code from ad_get() and ad_fget()
As a result of the previous changes ad_get() and ad_fget() do completey
the same, so factor out the common code to a new helper function. No
change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Aug 9 22:33:36 CEST 2017 on sn-devel-144
(cherry picked from commit
d55c27abc5a7357f740c7065bbe12e7f36b57125)
Ralph Boehme [Tue, 23 May 2017 15:44:16 +0000 (17:44 +0200)]
vfs_fruit: return fake pipe fd in fruit_open_meta_netatalk()
Do not open the basefile, that conflict with "kernel oplocks = yes". We
just return a fake file fd based on dup'ing a pipe fd and ensure all VFS
functions that go through vfs_fruit and work on the metadata stream can
deal with it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
7583ee6e1c558067e4c7a7351085fcc0e4240366)
Ralph Boehme [Tue, 23 May 2017 15:31:47 +0000 (17:31 +0200)]
vfs_fruit: don't open basefile in ad_open() and simplify API
We never need an fd on the basefile when operating on the metadata, as
we can always use path based syscalls. Opening the basefile conflicts
with "kernel oplocks" so just don't do it.
Additional changes:
- remove the adouble_type_t argument to ad_open(), the type is passed
and set when allocating a struct adouble with ad_alloc()
- additionally pass an optional fsp to ad_open() (so the caller can pass
NULL). With this change we can move the fd inheritance from fsp to ad
into ad_open() itself where it belongs and remove it from the caller
ad_fget()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
e92a39255e66f655e2758f0a71a01eaf258cf711)
Ralph Boehme [Tue, 23 May 2017 15:39:46 +0000 (17:39 +0200)]
vfs_fruit: use path based setxattr call in ad_fset()
This allows later commits to remove opening of the basefile which
conflict with "kernel oplocks = yes".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
aff6fc49f4ac244aef162200a37bd846719e1e4f)
Ralph Boehme [Thu, 18 May 2017 11:17:38 +0000 (13:17 +0200)]
s4/torture: additional tests for kernel-oplocks
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
bbc225de83e7b0e5eaeb1b843532d1f0fca91a3c)
Ralph Boehme [Wed, 10 May 2017 09:38:06 +0000 (11:38 +0200)]
s4/torture: reproducer for kernel oplocks issue with streams
test_smb2_kernel_oplocks3() wouldn't have failed without the patches,
I'm just adding it to have at least one test that tests with 2
clients. All other tests use just one client.
test_smb2_kernel_oplocks4() is the reproducer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
a334fff8a8c779704ee04ae784024efb67a6e9c9)
Ralph Boehme [Thu, 11 May 2017 16:08:56 +0000 (18:08 +0200)]
vfs_streams_xattr: return a fake fd in streams_xattr_open()
The final step in changing vfs_streams_xattr to not call open() on the
basefile anymore. Instead, we just return a fake file fd based on
dup'ing a pipe fd. Previous commits ensured all calls to VFS API
functions use pathname based versions to do their work.
This ensures we don't trigger kernel oplock breaks for client "open
stream" requests when needlessly opening the basefile.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
0a8559d4c9e4fc73c30a06b5f45f3b870afe4439)
Ralph Boehme [Thu, 11 May 2017 16:05:18 +0000 (18:05 +0200)]
vfs_streams_xattr: implement all missing handle based VFS functions
Implement all missing handle based VFS function. If the call is on a
named stream, implement the appropriate action for the VFS function, in
most cases a no-op.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
9647af6bec62c9f61d541aad4a9b8f25fd5bc627)
Ralph Boehme [Thu, 11 May 2017 15:38:00 +0000 (17:38 +0200)]
vfs_streams_xattr: always pass NULL as fsp arg to get_ea_value()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
0ed3075ee7edfecde7455a2c64e9df882828343b)
Ralph Boehme [Thu, 11 May 2017 15:36:15 +0000 (17:36 +0200)]
vfs_streams_xattr: remove fsp argument from get_xattr_size()
Still in the process of changing all handle based operations to use path
based operations.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
4cc59e6d011cd3804499ba82bb4071973aa9d494)
Ralph Boehme [Thu, 11 May 2017 13:05:23 +0000 (15:05 +0200)]
vfs_streams_xattr: remove all uses of fd, use name based functions
We don't really need an fd in this module, all calls to the VFS xattr
API can just use the name based versions.
This paves the way for removing the open of the basefile in
streams_xattr_open() in a later commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
ea906bb476516c05e7cbda478afd32acb443c03e)
Ralph Boehme [Thu, 11 May 2017 05:59:20 +0000 (07:59 +0200)]
vfs_streams_xattr: invalidate stat info if xattr was not found
We stat the basefile so we leave valid stat info from the base file
behind, even though the xattr for the stream was not there.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
ec32f33ea6d50d9cb504400c3ef1e78643502e1a)
Jeremy Allison [Fri, 21 Jul 2017 22:11:08 +0000 (15:11 -0700)]
s3: torture: Add a test for cli_setpathinfo_basic() to smbtorture3.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12913
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
bfa07323590357542eb06ad5faa2dc5a5736e3f1)
Jeremy Allison [Fri, 21 Jul 2017 19:46:23 +0000 (12:46 -0700)]
s3: libsmb: Implement cli_smb2_setatr() by calling cli_smb2_setpathinfo().
This removes duplicate code paths and ensures we have only one
function calling the underlying smb2cli_set_info() for setting
info levels by path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12913
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
b1e5b894b089433e59c96915a27559d179bdb6c5)
Jeremy Allison [Fri, 21 Jul 2017 19:41:11 +0000 (12:41 -0700)]
s3: libsmb: Add cli_smb2_setpathinfo(), to be called by cli_setpathinfo_basic().
Fix to prevent libsmbclient from accidently making SMB1 calls inside an SMB2
connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12913
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
2a15c70603bb23a68a2e3de0b00bfd98508f78e0)
Jeremy Allison [Fri, 21 Jul 2017 16:56:45 +0000 (09:56 -0700)]
s3: libsmbclient: Fix cli_setpathinfo_basic() to treat mode == -1 as no change.
This is only called from SMBC_setatr(), so bring it into line with
the specification for that function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12913
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
812006fa8f26004609901b0ddef1c3ed05eff35e)
Ralph Boehme [Thu, 8 Jun 2017 17:18:36 +0000 (19:18 +0200)]
vfs_gpfs: handle EACCES when fetching DOS attributes from xattr
When trying to fetch the DOS attributes via gpfswrap_get_winattrs_path()
if the filesystem doesn't grant READ_ATTR to the file the function fails
with EACCESS.
But according to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to an
Existing File" FILE_LIST_DIRECTORY on a directory implies
FILE_READ_ATTRIBUTES for directory entries.
So if the user can open the parent directory for reading this implies
FILE_LIST_DIRECTORY and we can safely call gpfswrap_get_winattrs_path()
with DAC_OVERRIDE_CAPABILITY.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12944
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 9 01:21:14 CEST 2017 on sn-devel-144
(cherry picked from commit
62d73f5b936550d623ef4f31c7438ac3c90105b9)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Fri Aug 11 14:48:10 CEST 2017 on sn-devel-144
Ralph Boehme [Thu, 8 Jun 2017 17:10:20 +0000 (19:10 +0200)]
s3/smbd: handle EACCES when fetching DOS attributes from xattr
When trying to fetch the DOS attributes xattr via SMB_VFS_GETXATTR() if
the filesystem doesn't grant read access to the file the xattr read
request fails with EACCESS.
But according to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to an
Existing File" FILE_LIST_DIRECTORY on a directory implies
FILE_READ_ATTRIBUTES for directory entries.
So if the user can open the parent directory for reading this implies
FILE_LIST_DIRECTORY and we can safely call SMB_VFS_GETXATTR() as root,
ensuring we can read the DOS attributes xattr.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12944
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
c54fcb7cbd0de244eed4134e877da6e9c16e7aab)
Ralph Boehme [Thu, 8 Jun 2017 17:05:48 +0000 (19:05 +0200)]
s3/smbd: handling of failed DOS attributes reading
Only fall back to using UNIX modes if we get NOT_IMPLEMENTED. This is
exactly what we already do when setting DOS attributes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12944
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
9de1411d9e7c7ac3da544345d4dea7fd73dff01b)
Marc Muehlfeld [Sun, 6 Aug 2017 09:50:55 +0000 (11:50 +0200)]
python: Fix incorrect kdc.conf parameter name in kerberos.py
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12947
Typo in kdc.conf results in: Unable to load requested database module
'samba'.
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Thu Aug 10 12:58:59 CEST 2017 on sn-devel-144
Andreas Schneider [Mon, 7 Aug 2017 12:55:34 +0000 (14:55 +0200)]
WHATSNEW: Update doc for Samba AD with MIT Kerberos
This has been changed, the file is created in the private samba
directory. The path is printed by 'samba-tool' after it has been
created.
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Aug 8 12:49:24 CEST 2017 on sn-devel-144
Andrew Bartlett [Mon, 31 Jul 2017 22:26:34 +0000 (10:26 +1200)]
dsdb: Do not force a re-index of sam.ldb on upgrade to 4.7
This means that no compatibleFeatures or incompatibleFeatures will be honoured
until a re-index, but that can be triggered when these features are set.
New databases will still get this support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12855
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
39c6274084e5d72d6fdfae1fb9fede439f6ad60d)
Andrew Bartlett [Tue, 1 Aug 2017 01:18:33 +0000 (13:18 +1200)]
dsdb: Fix dsdb_next_callback to correctly use ldb_module_done() etc
If we do not call ldb_module_done() then we do not know that up_req->callback()
has been called, and ldb_next_request() will call the callback again.
If called twice, the new ldb_lock_backend_callback() in ldb 1.2.0 will segfault.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12904
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 1 07:52:38 CEST 2017 on sn-devel-144
(cherry picked from commit
d5750f016362ce55a1c905509c419756b523dde6)
Andrew Bartlett [Tue, 25 Jul 2017 02:26:45 +0000 (14:26 +1200)]
s4-cldap/netlogon: Match Windows 2012R2 and return NETLOGON_NT_VERSION_5 when version unspecified
The previous patch set this incorrectly to NETLOGON_NT_VERSION_1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11392
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit
0554bc237f1b84d672d36781bead8b2c33f2e5a4)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Aug 1 15:56:56 CEST 2017 on sn-devel-144
Arvid Requate [Thu, 22 Jun 2017 11:37:13 +0000 (13:37 +0200)]
s4-dsdb/netlogon: allow missing ntver in cldap ping
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11392
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
88db634ed84647e5105c4b4fdf37d5892bebfd8d)
Arvid Requate [Tue, 20 Jun 2017 18:05:17 +0000 (20:05 +0200)]
s4:torture/ldap: Test netlogon without NtVer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11392
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
22a94b728bd5d513b2002b62c129271d2210ed73)
Noel Power [Thu, 20 Jul 2017 12:01:50 +0000 (13:01 +0100)]
s3/utils: smbcacls failed to detect DIRECTORIES using SMB2 (windows only)
uint16_t get_fileinfo(...) returns file attributes, this function
called
cli_qfileinfo_basic(cli, fnum, &mode, NULL, NULL, NULL,
NULL, NULL, NULL);
which was failing with NT_STATUS_ACCESS_DENIED errors when fnum above
was obtained via (when using protocol > SMB). Note: This only seems to be
an issue when run against a windows server, with smbd SMB1 & SMB2 work fine.
status = cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
0, FILE_SHARE_READ|FILE_SHARE_WRITE,
FILE_OPEN, 0x0, 0x0, &fnum, NULL);
The failing cli_qfileinfo_basic call above is unnecessary as we can already
obtain the required information from the cli_ntcreate call
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12937
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
c57dcafb150823b00fd873046e65a966a8488fa8)
Andreas Schneider [Mon, 24 Jul 2017 10:19:27 +0000 (12:19 +0200)]
mit-kdb: Fix NULL pointer check after malloc
This fixes building with GCC 7.1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12930
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
9b64b11c2f2c1bc77ae887b34d7efcb9f1452da7)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Mon Jul 31 15:49:51 CEST 2017 on sn-devel-144
Andreas Schneider [Mon, 24 Jul 2017 10:13:50 +0000 (12:13 +0200)]
s4:kcc: Add a NULL check before qsort()
This fixes building with GCC 7.1.1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12930
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
314cf608932c21d593afd04769b07435bcd4fc53)
Andrew Bartlett [Fri, 21 Jul 2017 08:10:43 +0000 (20:10 +1200)]
selftest: Make --include-env and --exclude-env use the base env name
The code as deployed would have required (eg) '--include-env=ktest
--include-env=ktest:local' which was not done in autobuild, causing
tests to be skipped. This patch restores the intended behaviour.
This causes 33 testsuites to run, one more test (the newly added
samba.tests.ntlmauth) than the old regex provided (before
602772159dfd1213385f42ecbf31136f57693b63).
(The regression dropped us down to matching only 7 tests).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12922
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jul 24 03:33:01 CEST 2017 on sn-devel-144
(cherry picked from commit
61455ad82e293df4a094204fdf28162baad686ae)
Andrew Bartlett [Mon, 17 Jul 2017 21:03:17 +0000 (09:03 +1200)]
selftest: Use NETLOGON_NEG_STRONG_KEYS constant in AuthLogTestsNetLogonBadCreds
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 25 03:21:19 CEST 2017 on sn-devel-144
(cherry picked from commit
a420b1bdccbba72faf1108f7fae8b8202075db97)
Andrew Bartlett [Mon, 17 Jul 2017 20:57:03 +0000 (08:57 +1200)]
s4-netlogon: Use log_escape to protect against un-validated strings
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
427a11b812d1872879658c998ef0328dd7c2a53a)
Andrew Bartlett [Mon, 17 Jul 2017 20:46:08 +0000 (08:46 +1200)]
s4-netlogon: Extend ServerAuthenticate3 logging to split up username forms
This splits out the username into the input, mapped and obtained
just as we do elsewhere.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
abd821b76b27eb8d9bc2f8acfcf9d98caf015f5f)
Gary Lockyer [Sun, 9 Jul 2017 19:48:08 +0000 (07:48 +1200)]
source4 netlogon: Add authentication logging for ServerAuthenticate3
Log NETLOGON authentication activity by instrumenting the
netr_ServerAuthenticate3 processing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
efc335a03062740f51a6edd09d765a8b77e239c5)
Gary Lockyer [Sun, 9 Jul 2017 19:46:26 +0000 (07:46 +1200)]
tests auth_log: Add new tests for NETLOGON
Tests for the logging of NETLOGON authentications in the
netr_ServerAuthenticate3 message processing
Test code based on the existing auth_log tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
f3d3e6da5a42833b8de86e9b7c0aa1c56e1c4e80)
Gary Lockyer [Sun, 9 Jul 2017 19:45:16 +0000 (07:45 +1200)]
tests auth_log: Modify existing tests to handle NETLOGON messages
Modify the existing tests to ignore auth logging for NETLOGON messages.
NETLOGON authentication is logged once per session, and is tested
separately. Ignoring it in these tests avoids order dependencies.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
5c27c5b6efb4226aa8bdaf4e5cbb770f8b3ef22f)
Gary Lockyer [Sun, 23 Jul 2017 22:59:18 +0000 (10:59 +1200)]
auth_log: use symbolic constant to replace /root/ncalrpc_as_system
Modified to use constant AS_SYSTEM_MAGIC_PATH_TOKEN instead of
string literal "/root/ncalrpc_as_system"
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
ddfe8aa9cccd78426456b6397bc7b352d9705648)
Gary Lockyer [Sun, 23 Jul 2017 23:00:45 +0000 (11:00 +1200)]
rpc: use symbolic constant to replace /root/ncalrpc_as_system
Modified to use constant AS_SYSTEM_MAGIC_PATH_TOKEN instead of string literal
"/root/ncalrpc_as_system"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
1898096c7ecef4c323b14b7cf30db4283386f913)
Gary Lockyer [Sun, 23 Jul 2017 22:55:48 +0000 (10:55 +1200)]
dcerpc.idl Add symbolic constant for /root/ncalrpc_as_system
This is string is used several places in the code and tests, so it
should be a constant.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
6ab9f789ff6e6328cf222fdb1a39457af7ed58b4)
Bob Campbell [Wed, 5 Jul 2017 04:08:11 +0000 (16:08 +1200)]
samdb/cracknames: support user and service principal as desired format
This adds support for DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL and
DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL as desired formats.
This also causes the test in cracknames.py to no longer fail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12842
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 24 11:10:26 CEST 2017 on sn-devel-144
(cherry picked from commit
eb2e77970e41c1cb62c041877565e939c78ff52d)
Bob Campbell [Tue, 4 Jul 2017 23:15:04 +0000 (11:15 +1200)]
samdb/cracknames: do not show recycled when a guid is desired
Previously, when a GUID was desired to
cracknames, it would include recycled objects as well. This would
sometimes result in two objects being returned from a query which is
supposed to return a unique GUID. For example, if a deleted user had
the same sAMAccountName as a non-deleted user and cracknames was used to
find the GUID of this account, it would return two GUIDs, and so would
fail with DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12842
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
c186e02b40c921d33e23c8b2f7c5f1abb235a438)
Bob Campbell [Tue, 4 Jul 2017 23:08:45 +0000 (11:08 +1200)]
python/tests: add python test for cracknames
This fails due the bug, which causes the related test in
drsuapi_cracknames.c to flap. It also fails due to us not yet supporting
DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL or
DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12842
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
4779afe0d2dd14371b68e80f47d11942456bb365)
Andrew Bartlett [Wed, 26 Jul 2017 23:10:43 +0000 (11:10 +1200)]
s4-rpc_server: Improve debug of new endpoints
This helps us know what process model is required and what one is in use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12939
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 28 04:12:08 CEST 2017 on sn-devel-144
(cherry picked from commit
1ea6b5168f146d23d139b570084cb32ec02538fe)
Andrew Bartlett [Wed, 26 Jul 2017 23:44:12 +0000 (11:44 +1200)]
s4-rpc_server: ensure we get a new endpoint for netlogon
If we share the single process RPC servers with the multi-process RPC servers
on the same endpoint, they will default to running in an single process
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12939
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit
bc48c4b54b9c50d76fc967a1aa4fa013079605bc)
Karolin Seeger [Mon, 31 Jul 2017 09:13:20 +0000 (11:13 +0200)]
WHATSNEW: Fix typo.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
David Disseldorp [Fri, 14 Jul 2017 21:55:29 +0000 (23:55 +0200)]
vfs_ceph: fix cephwrap_chdir()
When provided a '/' path (i.e. CephFS root), vfs_ceph does a *local*
chdir() to the share path. This breaks smb client directory listings.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12911
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jul 21 19:10:46 CEST 2017 on sn-devel-144
(cherry picked from commit
1dcacff083019810e207a3d123a81fe32d9dde1a)
Karolin Seeger [Tue, 25 Jul 2017 09:06:45 +0000 (11:06 +0200)]
VERSION: Bump version up to 4.7.0rc4...
and re-enable GIT_SNAPSHOTS.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 25 Jul 2017 09:05:53 +0000 (11:05 +0200)]
VERSION: Disable GIT_SNAPSHOTS for the 4.7.0rc3 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 25 Jul 2017 09:04:54 +0000 (11:04 +0200)]
WHATSNEW: Add release notes for Samba 4.7.0rc3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Bernhard M. Wiedemann [Mon, 10 Jul 2017 16:29:41 +0000 (18:29 +0200)]
s3: drop build_env
As a follow up to
eedebe2ef1b ("docs-xml: Sort input file list"), this
change enables reproducible builds, without the added complexity of
https://lists.samba.org/archive/samba-technical/2017-June/121302.html
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12906
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jul 14 18:48:08 CEST 2017 on sn-devel-144
(cherry picked from commit
85b10a636e0eeeca0948c6b1d59d2df7b4507d45)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Jul 25 02:20:38 CEST 2017 on sn-devel-144
Jeremy Allison [Thu, 13 Jul 2017 19:06:58 +0000 (12:06 -0700)]
s3: smbd: Fix a read after free if a chained SMB1 call goes async.
Reported to the Samba Team by Yihan Lian <lianyihan@360.cn>, a security
researcher of Qihoo 360 GearTeam. Thanks a lot!
smb1_parse_chain() incorrectly used talloc_tos() for the memory
context of the chained smb1 requests. This gets freed between
requests so if a chained request goes async, the saved request
array also is freed, which causes a crash on resume.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12836
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
5fe76a5474823ed7602938a07c9c43226a7882a3)
Thomas Jarosch [Sat, 22 Jul 2017 16:36:18 +0000 (09:36 -0700)]
s3: libsmb: Fix use-after-free when accessing pointer *p.
talloc_asprintf_append() might call realloc()
and therefore move the memory address of "path".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12927
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 22 22:45:05 CEST 2017 on sn-devel-144
(cherry picked from commit
890137cffedcaf88a9ff808c01335ee14fcfd8da)
Volker Lendecke [Wed, 19 Jul 2017 12:51:33 +0000 (14:51 +0200)]
smbd: Fix a connection run-down race condition
When we do a server exit with active aio jobs, we need to keep the
aio state active for the helper thread. Right now I don't see another
chance than to leak memory in this case. And, I don't really oversee
how cancelling requests works in this case, but this does fix crashes
seen at a customer site.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12925
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0181fcc4aaa730e3a88ff5d397145332f4013950)
Ralph Boehme [Fri, 14 Jul 2017 14:38:36 +0000 (16:38 +0200)]
s3/notifyd: ensure notifyd doesn't return from smbd_notifyd_init
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12910
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7f4e7cfd1b0bd917395c631a1a8195fffd13bbad)
Alexander Bokovoy [Thu, 13 Jul 2017 11:49:12 +0000 (14:49 +0300)]
Build py3 versions of other rpc modules
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12905
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Jul 14 11:36:53 CEST 2017 on sn-devel-144
(cherry picked from commit
0ed918ef5276c459d46c9e77c9e9d84bc41d4b14)
Alexander Bokovoy [Thu, 13 Jul 2017 12:37:47 +0000 (15:37 +0300)]
py3: Make sure to specify METH_VARARGS together with METH_KEYWORDS
A Python 3 bug https://bugs.python.org/issue15657 explains that one should
always use METH_VARARGS|METH_KEYWORDS when defining a function rather
than a lonely METH_KEYWORDS. We had only one definition like this in
Samba and it was the one that affects FreeIPA when running in Python 3
mode.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12905
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
303a52d8d48e4f5754448a876fedc98d7829e2bb)
Jeremy Allison [Tue, 18 Jul 2017 18:15:28 +0000 (11:15 -0700)]
s3: smbclient: Add a test for the setmode command.
Tested over SMB1 and SMB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12899
Back ported from
5facd045efe88783ba078c14793d05439bcc5a4b in master.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 17 Jul 2017 17:37:15 +0000 (10:37 -0700)]
s3: libsmb: Reverse sense of 'clear all attributes', ignore attribute change in SMB2 to match SMB1.
SMB1 uses attr == 0 to clear all attributes
on a file (end up with FILE_ATTRIBUTE_NORMAL),
and attr == FILE_ATTRIBUTE_NORMAL to mean ignore
request attribute change.
SMB2 uses exactly the reverse. Unfortunately as the
cli_setatr() ABI is exposed inside libsmbclient,
we must make the SMB2 cli_smb2_setatr() call
export the same ABI as the SMB1 cli_setatr()
which calls it. This means reversing the sense
of the requested attr argument if it's zero
or FILE_ATTRIBUTE_NORMAL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12899
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
f1cc79a46d56bda99c392d491d88479cd6427a32)
Martin Schwenke [Wed, 12 Jul 2017 03:41:17 +0000 (13:41 +1000)]
ctdb-common: Set close-on-exec when creating PID file
Otherwise, for example, the file descriptor for the main PID file will
leak all the way down to event scripts.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12898
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
3e85cbfd7541d8f30ce1f3244ebcc44332b394fe)
Ralph Boehme [Wed, 12 Jul 2017 07:33:59 +0000 (09:33 +0200)]
vfs_fruit: don't use MS NFS ACEs with Windows clients
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12897
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Jul 13 22:21:08 CEST 2017 on sn-devel-144
(cherry picked from commit
df0db9d8f893f9245c6289200303b94a6e2d48d0)
Amitay Isaacs [Wed, 19 Jul 2017 02:04:35 +0000 (12:04 +1000)]
dbwrap_ctdb: Fix calculation of persistent flag
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
f7daa453045c787ddab6e04c1fdaa386c231371f)
Ralph Boehme [Tue, 11 Jul 2017 19:35:17 +0000 (21:35 +0200)]
dbwrap: Ask CTDB for local tdb open flags
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jul 12 13:25:11 CEST 2017 on sn-devel-144
(cherry picked from commit
de9d21957706bd5d811db01b7b5d88a0bb17034b)
Ralph Boehme [Tue, 11 Jul 2017 18:41:43 +0000 (20:41 +0200)]
ctdbd_conn: pass persistent bool instead of tdb_flags
ctdbd_db_attach() only needs to know the ctdb database model, not the
rest of the flags.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
b2b7e3b9710fa22716f931177265dcd8de74532b)
Ralph Boehme [Tue, 11 Jul 2017 18:36:35 +0000 (20:36 +0200)]
ctdbd_conn: move CTDB_CONTROL_ENABLE_SEQNUM control to db_open_ctdb
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
0077296cee1cd54a5adb12fc706cbf99203a8213)
Amitay Isaacs [Mon, 10 Jul 2017 14:38:59 +0000 (00:38 +1000)]
dbwrap: CTDB ignores tdb_flags passed to db attach controls
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
6ae063a109ca88bf815fd1bf5e8865053bea41b9)
Ralph Boehme [Sun, 9 Jul 2017 14:23:20 +0000 (16:23 +0200)]
dbwrap: enable mutexes by default for volatile TDBs
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a70be43246ab74f0a2bbe245ab31f24460b70547)
Ralph Boehme [Sun, 9 Jul 2017 14:20:11 +0000 (16:20 +0200)]
ctdb: enable mutexes for volatile TDBs by default
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
2bce9cb72f3ac7efc2f4f48b0cffa1876364ae8c)
Ralph Boehme [Sun, 9 Jul 2017 12:34:10 +0000 (14:34 +0200)]
s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK
As per MS-SMB2 and MS-FSA and our SMB_VFS_STRICT_LOCK implementation,
we're merely testing for locks, not setting any.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12887
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 11 03:37:44 CEST 2017 on sn-devel-144
(cherry picked from commit
67466271c26ca10c6bce6a51f9dd97a22258f8a4)
Ralph Boehme [Sun, 9 Jul 2017 12:21:21 +0000 (14:21 +0200)]
s3/vfs: remove SMB_VFS_STRICT_UNLOCK
It's just a noop, so let's remove it. SMB_VFS_STRICT_LOCK doesn't set
logs, it just checks for the presence of incompatible locks.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12887
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
c9172c5a4505eb18cb4645e2436eabcc93ec67e1)
Andreas Schneider [Fri, 7 Jul 2017 12:08:49 +0000 (14:08 +0200)]
s3:client: The smbspool krb5 wrapper needs negotiate for authentication
If you create a new printer it doesn't have AuthInfoRequired set and so
cups calls the backend with:
AUTH_INFO_REQUIRED=none
In this case we need to return:
ATTR: auth-info-required=negotiate
and return an error that we require authentication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12886
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
4cced4da4ca97f0c6db227e6b2c7e03c2e5c1f28)
Günther Deschner [Wed, 28 Jun 2017 16:10:28 +0000 (18:10 +0200)]
vfs_fruit: add fruit:model = <modelname> parametric option
fruit:model = iMac
fruit:model = MacBook
fruit:model = MacPro
fruit:model = Xserve
will all display a different icon inside Finder.
Formerly, we used "Samba" which resulted in a "?" icon in Finder, with
the new default "MacSamba" we appear with a computer box icon at least.
Guenther
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12840
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jul 12 03:17:57 CEST 2017 on sn-devel-144
(cherry picked from commit
259e1706e3206b215e136ea9d5beef4c9e3fcdee)
Dustin L. Howett via samba-technical [Fri, 30 Jun 2017 23:10:01 +0000 (16:10 -0700)]
idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN
All other ldap-querying methods in idmap_ad make a single retry attempt if they get
TLDAP_SERVER_DOWN. This patch brings idmap_ad_query_user in line with that design.
This fixes the symptom described in 12720 at the cost of an additional reconnect per
failed lookup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12720
Signed-off-by: Dustin L. Howett <dustin@howett.net>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
fe7020b0d1b6fe1ca9add4815e20c2e2262cb6c9)
Stefan Metzmacher [Fri, 21 Jul 2017 12:34:59 +0000 (14:34 +0200)]
tevent: version 0.9.33
* make tevent_req_print() more robust against crashes
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
7ad3a99d462e4a43c9f64b0877111d5e58f56e6e)
Autobuild-User(v4-7-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-7-test): Sun Jul 23 14:41:25 CEST 2017 on sn-devel-144
Stefan Metzmacher [Thu, 20 Jul 2017 12:20:03 +0000 (14:20 +0200)]
tevent: handle passing req = NULL to tevent_req_print()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
ca3e98488a45aa143e4ba454b4ba8763f09a6f50)
Stefan Metzmacher [Thu, 20 Jul 2017 12:16:44 +0000 (14:16 +0200)]
tevent: avoid calling talloc_get_name(NULL) in tevent_req_default_print()
We have the same information available under req->internal.private_type.
This way it's possible to call tevent_req_print() after
tevent_req_received() was called.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
21b56ffd983cc0b982bea55866bfa84c79133503)
Stefan Metzmacher [Fri, 21 Jul 2017 12:36:08 +0000 (14:36 +0200)]
ldb: version 1.2.1
* Bug #12882: Do not install _ldb_text.py if we have system libldb
* Use libraries from build dir for testsuite
* Bug #12900: Fix index out of bound in ldb_msg_find_common_values
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jul 22 03:46:25 CEST 2017 on sn-devel-144
(cherry picked from commit
19dfccea744a843511d9c4ca2b5adbd648284250)
Douglas Bagnall [Thu, 6 Jul 2017 00:41:07 +0000 (12:41 +1200)]
ldb/tests: more thoroughly test empty ldb_msg elements
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 7 20:10:37 CEST 2017 on sn-devel-144
(cherry picked from commit
4b3de6118569eb9a1d4f233eca112d0d207c1087)
Douglas Bagnall [Wed, 5 Jul 2017 22:01:24 +0000 (10:01 +1200)]
ldb: avoid searching empty lists in ldb_msg_find_common_values
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
282410fa2416404962521ad6b2598a9c83b63594)
Lukas Slebodnik [Tue, 4 Jul 2017 13:46:49 +0000 (15:46 +0200)]
ldb: Fix index out of bound in ldb_msg_find_common_values
cmocka unit test failed on i386
[==========] Running 2 test(s).
[ RUN ] test_ldb_msg_find_duplicate_val
[ OK ] test_ldb_msg_find_duplicate_val
[ RUN ] test_ldb_msg_find_common_values
[ FAILED ] test_ldb_msg_find_common_values
[==========] 2 test(s) run.
[ ERROR ] --- 0x14 != 0
[ LINE ] --- ../tests/ldb_msg.c:266: error: Failure!
[ PASSED ] 1 test(s).
[ FAILED ] 1 test(s), listed below:
[ FAILED ] test_ldb_msg_find_common_values
1 FAILED TEST(S)
But we were just lucky on other platforms because there is
index out of bound according to valgrind error.
==3298== Invalid read of size 4
==3298== at 0x486FCF6: ldb_val_cmp (ldb_msg.c:95)
==3298== by 0x486FCF6: ldb_msg_find_common_values (ldb_msg.c:266)
==3298== by 0x109A3D: test_ldb_msg_find_common_values (ldb_msg.c:265)
==3298== by 0x48E7490: ??? (in /usr/lib/libcmocka.so.0.4.1)
==3298== by 0x48E7EB0: _cmocka_run_group_tests (in /usr/lib/libcmocka.so.0.4.1)
==3298== by 0x1089B7: main (ldb_msg.c:352)
==3298== Address 0x4b07734 is 4 bytes after a block of size 48 alloc'd
==3298== at 0x483223E: malloc (vg_replace_malloc.c:299)
==3298== by 0x4907AA7: _talloc_array (in /usr/lib/libtalloc.so.2.1.9)
==3298== by 0x486FBF8: ldb_msg_find_common_values (ldb_msg.c:245)
==3298== by 0x109A3D: test_ldb_msg_find_common_values (ldb_msg.c:265)
==3298== by 0x48E7490: ??? (in /usr/lib/libcmocka.so.0.4.1)
==3298== by 0x48E7EB0: _cmocka_run_group_tests (in /usr/lib/libcmocka.so.0.4.1)
==3298== by 0x1089B7: main (ldb_msg.c:352)
Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
963d9f12f902ae266a8c7edbf4249090de46173b)
Lukas Slebodnik [Mon, 3 Jul 2017 22:32:31 +0000 (00:32 +0200)]
ldb: Use libraries from build dir for testsuite
There was a failure when tests were executed after after extracting
ldb tarball.
sh$ make -j8 check
WAF_MAKE=1 PATH=buildtools/bin:../../buildtools/bin:$PATH waf test
ldbadd: error while loading shared libraries: libldb.so.1: cannot open shared object file: No such file or directory
cat: write error: Broken pipe
Traceback (most recent call last):
File "tests/python/api.py", line 10, in <module>
import ldb
ImportError: libldb.so.1: cannot open shared object file: No such file or directory
Traceback (most recent call last):
File "tests/python/api.py", line 10, in <module>
import ldb
ImportError: libpyldb-util.so.1: cannot open shared object file: No such file or directory
bin/ldb_tdb_mod_op_test: error while loading shared libraries: libldb.so.1: cannot open shared object file: No such file or directory
testsuite returned 1
Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
d5d6d209dedd60f8e99d11789f2a0d4e2bf95896)
Stefan Metzmacher [Wed, 19 Jul 2017 20:04:44 +0000 (22:04 +0200)]
WHATSNEW: add a note about the new 'smbclient deltree' command.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(v4-7-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-7-test): Fri Jul 21 00:36:16 CEST 2017 on sn-devel-144
Andreas Schneider [Tue, 18 Jul 2017 10:29:16 +0000 (12:29 +0200)]
s3:tests: Fix directory creation and deletion of test_nosymlinks()
This should fix flakey autobuild.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 19 11:59:52 CEST 2017 on sn-devel-144
(cherry picked from commit
bd7eab1639bb5eb70ff04b8f4b89373ca47daf08)
Andreas Schneider [Tue, 18 Jul 2017 10:03:32 +0000 (12:03 +0200)]
s3:tests: Fix directory creation and deletion of test_local_symlinks()
This should fix flakey autobuild.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b594e0cdd2b68d262377cfe438253244b89d089c)
Jeremy Allison [Thu, 6 Jul 2017 17:52:45 +0000 (10:52 -0700)]
s3: tests: Add test for new smbclient "deltree" command.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 7 13:38:24 CEST 2017 on sn-devel-144
(cherry picked from commit
b21ee14e2265a6dd11dd83c8e252a40de394585a)
Jeremy Allison [Thu, 6 Jul 2017 00:23:48 +0000 (17:23 -0700)]
docs: Document new smbclient deltree command.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
f2f9f51fef8e264fdad11018e3c447db0ad03cc1)
Jeremy Allison [Thu, 6 Jul 2017 00:21:18 +0000 (17:21 -0700)]
s3: smbclient: Add new command deltree.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
b6f484ae9ca737a0772b279b88fc285fe1cec0e9)
Jeremy Allison [Wed, 5 Jul 2017 22:53:07 +0000 (15:53 -0700)]
s3: client: Move struct file_list code to using talloc from malloc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
e9d33bf89f7c3932522e7696182bfc590d049095)
Stefan Metzmacher [Wed, 19 Jul 2017 20:06:13 +0000 (22:06 +0200)]
WHATSNEW: move the CTDB changes section before the Parameter changes
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 5 Jul 2017 06:59:23 +0000 (08:59 +0200)]
unittests: Add missing stdint.h include
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12878
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
5d18c5e5ec52a185991f9de6883171f85f7d4fa7)
Autobuild-User(v4-7-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-7-test): Thu Jul 13 12:08:53 CEST 2017 on sn-devel-144
Martin Schwenke [Wed, 5 Jul 2017 06:31:48 +0000 (16:31 +1000)]
WHATSNEW: CTDB changes for 4.7
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Rowland Penny [Tue, 4 Jul 2017 14:07:53 +0000 (15:07 +0100)]
Add code to run the tests for 'samba-tool user edit'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12884
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Jul 5 17:53:24 CEST 2017 on sn-devel-144
(cherry picked from commit
e3707c1b19a27d431722e1b355dc39a39f7f8f1c)
Rowland Penny [Tue, 4 Jul 2017 14:04:36 +0000 (15:04 +0100)]
Add test for 'samba-tool user edit'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12884
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
3c03ac750f4dea00da21f21302beeaf5b12a35b8)
Rowland Penny [Tue, 4 Jul 2017 14:00:58 +0000 (15:00 +0100)]
Easily edit a users object in AD, as if using ldbedit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12884
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
2ab239be0d69389b451816ec72d548d1156e495b)
Andreas Schneider [Wed, 5 Jul 2017 08:08:49 +0000 (10:08 +0200)]
waf: Only build unit tests with selftest enabled
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12877
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
25ef27b2e6d80f0afa271e73a195caa2105be648)
Stefan Metzmacher [Mon, 10 Jul 2017 09:29:58 +0000 (11:29 +0200)]
s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface()
The result is only used temporary and should not be leaked on a long term
memory context as 'conn'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12890
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
77cbced5d2f8bf65c8d02f5edfaba8cbad519d08)
Ralph Boehme [Fri, 7 Jul 2017 11:12:19 +0000 (13:12 +0200)]
selftest: add a test for accessing previous version of directories with snapdirseverywhere
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12885
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jul 8 00:33:51 CEST 2017 on sn-devel-144
(cherry picked from commit
cc9ba98c08665e0ed6927fd81fa43a7bb7842e45)
Ralph Boehme [Fri, 7 Jul 2017 10:57:57 +0000 (12:57 +0200)]
s3/smbd: let non_widelink_open() chdir() to directories directly
If the caller passes O_DIRECTORY we just try to chdir() to smb_fname
directly, not to the parent directory.
The security check in check_reduced_name() will continue to work, but
this fixes the case of an open() for a previous version of a
subdirectory that contains snapshopt.
Eg:
[share]
path = /shares/test
vfs objects = shadow_copy2
shadow:snapdir = .snapshots
shadow:snapdirseverywhere = yes
Directory tree with fake snapshots:
$ tree -a /shares/test/
/shares/test/
├── dir
│ ├── file
│ └── .snapshots
│ └── @GMT-2017.07.04-04.30.12
│ └── file
├── dir2
│ └── file
├── file
├── .snapshots
│ └── @GMT-2001.01.01-00.00.00
│ ├── dir2
│ │ └── file
│ └── file
└── testfsctl.dat
./bin/smbclient -U slow%x //localhost/share -c 'ls @GMT-2017.07.04-04.30.12/dir/*'
NT_STATUS_OBJECT_NAME_NOT_FOUND listing \@GMT-2017.07.04-04.30.12\dir\*
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12885
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b886a9443d49f6e27fa3863d87c9e24d12e62874)